After Facebook and our class guest speaker, Mike Green’s lecture, I start thinking seriously about risks in our social media. Comparing with Facebook, Instagram and Snapchat, I think LinkedIn is more dangerous because most of us contained our real information in that, including real name, education background, working information and so on. I have read a news yesterday about Flaw in LinkedIn AutoFill Plugin Lets Third-Party Sites Steal Your Data. In the article, it discloses a new vulnerability discovered in Linkedin’s popular AutoFill functionality found leaking its users’ sensitive information to third party websites without the user even knowing about it. LinkedIn provides an AutoFill plugin for a long time that other websites can use to let LinkedIn users quickly fill in profile data, including their full name, phone number, email address, ZIP code, company and job title, with a single click. A legitimate website would likely place a AutoFill button near the fields the button can fill, but according to Cable, an attacker could secretly use the AutoFill feature on his website by changing its properties to spread the button across the entire web page and then make it invisible.
https://thehackernews.com/2018/04/linkedin-account-hack.html